package com.ddstation.common.security.interceptor;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;

import com.ddstation.common.property.SystemProperties;
import com.ddstation.crm.login.bean.SessionLoginData;


/**
 * 问暖云 cloud-lis
 * @author zhangdifeng
 * @date 2019年6月21日
 */
public class InvsValidateRequestInterceptor implements HandlerInterceptor {
	
	public void afterCompletion(HttpServletRequest request,
			HttpServletResponse response,
			Object obj,
			Exception ex)
			throws Exception {
	}

	public void postHandle(HttpServletRequest request,
			HttpServletResponse response,
			Object obj, ModelAndView mv) throws Exception {
	}

	public boolean preHandle(
			HttpServletRequest request,
			HttpServletResponse response,
			Object obj) throws Exception {
		
		StringBuffer url = request.getRequestURL();
		if (url.toString().endsWith("login")) {
			return true;
		}
		
		HttpSession session = request.getSession();
		SessionLoginData loginData = (SessionLoginData)session.getAttribute(SessionLoginData.KEY);
		if (loginData != null && loginData.getDoctor() != null && loginData.getInstitution() != null) {
			return true;
		} else {
			logger.error("《卫监》 非法访问 OR SESSION过期");
			boolean isAjax = request.getHeader("x-requested-with") != null && request.getHeader("x-requested-with").equalsIgnoreCase("XMLHttpRequest");
			// 被拦截，重定向到login界面
			if (isAjax) {
				response.sendRedirect(SystemProperties.INVS_URL + "/wn_timeout_ajax.do");
			} else {
			    response.sendRedirect(SystemProperties.INVS_URL + "/wn_timeout.do");
			}
		}
		
    	return false;
	}
	private static final Logger logger = LoggerFactory.getLogger(InvsValidateRequestInterceptor.class);
//	private final Logger logger = LoggerFactory.getLogger(this.getClass());
}
